Many communication systems rely on cryptography to ensure the secrecy and authenticity of messages exchanged between two or more network communication nodes. In particular, networks that employ a shared communication medium are susceptible to eavesdropping by attackers, who can receive any encrypted or non-encrypted communications transmitted on the medium.
Prior art embodiments enable encrypted communications using either public-key/private-key or symmetric key cryptographic systems. However, for many applications, such as embedded systems, the public-key/private-key prior art techniques are impractically complex. Symmetric key cryptography, in which two or more parties use a single shared secret key to perform cryptographic operations, is often preferable, but it raises the issue of how two or more nodes can communicate with each other to establish the secret key without divulging its contents to attackers who are assumed to be capable of monitoring the communications. Some prior art systems use long-term symmetric keys that are stored in the memory of two or more devices in an out-of-band manner, such as during manufacture. These keys, however, cannot be changed rapidly during operation of the system. Furthermore, in more complex scenarios a set of more than two devices needs to use a shared key for communication, and the membership of such a set can change frequently during operation of the system, which requires that new keys be generated in an efficient manner. Consequently, improvements to key generation techniques would be beneficial: techniques that enable multiple nodes to securely generate a shared secret key over a shared communication medium that is susceptible to eavesdropping, without revealing the shared key to an eavesdropper.